We help IT Professionals succeed at work.

Exchange 2010 Message-ID spam filtering

fosseitsl
fosseitsl asked
on
Using Exchange 2010, I am trying to enable some anti-spam measures using the Message-ID domain classification:
So far I have had not a lot of success.
Created new transport rule on Hub Transport Server that:

On condition: "when the message header matches text patterns"
"Message-ID" matches 'contoso.com$' or 'fabrikam.com$' or 'fourthcoffee.com$'

To Action:
forward the message to 'spamadmin@mydomain.com' for moderation

The $ sign is the regular expression to match the end of the Message ID as shown as http://technet.microsoft.com/en-us/library/aa997187.aspx

The domains are examples and not actually used in my test!

Kind Regards
fosseitsl
Comment
Watch Question

Madan SharmaConsultant

Commented:
I think it will be better if you use built in Anti Spam feature in exchange 2010. By default its not installed on exchange server but you can easily install it.

To install Anti spam feature on your HT server just open us Exchange Management Shell navigate to C:\Program Files\Microsoft\Exchange Server\Scripts and run ./AntiSpamcomman.ps1

After installing it restart exchange transport service  and you have done.

Just open up your EMC - Organization Configuration  - HT - Anti Spam and you will be able to to all kind of Anti Spam filtering.
Thanks akicute555 for your comments - I have been able to solve the issue and add more interesting spam detection techniques:

The correct syntax for Message-Id is
On condition: "when the message header matches text patterns"
"Message-ID" matches 'contoso.com>$' or 'fabrikam.com>$' or 'fourthcoffee.com>$'

On another field (return-path) in the header can be filtered using:
On condition: "when the message header matches text patterns"
"Return-Path" matches '@contoso.com$' or '@fabrikam.com$' or '@fourthcoffee.com$'

Very powerful stuff is the Exchange 2010 transport rules !!



Author

Commented:
Resolved by myself - hopefully useful to other exchange admins in combatting marketing spam